When TLSA record type in Route 53?


Hi, trying to setup DANE for my MX records and DNSSEC seems to be supported but TLSA records not. Any ETA on when can we expect TLSA records to be available? It would help many who host their DNS with Route53 and want to setup DANE. Or is it never coming and I should start looking for Route 53 replacement?

  • Been waiting for years now. We consider switchting to another DNS provider now.

asked 10 months ago290 views
1 Answer

Thank you so much for reaching out to AWS,

I regret to inform you that AWS, unfortunately, does not currently support the TLSA DNS record type on Route 53. The list of DNS record types that can be utilized within Route 53 can be found in this official article: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html

You can keep an eye on AWS news blogs to learn about new services and features as we release them

answered 8 months ago
  • This is very important to me. The reason I switched to AWS and Route53 for my domains is that it is quite a bit cheaper than my old registrar, especially with DNSSEC.

    Now I find out that TLSA records are not supported, so I cannot enable DANE. That was the entire reason I wanted to get DNSSEC working.

    Is there a place where I can put my vote in for Route53 to support TLSA records? I think there are probably LOTS of customers awaiting that functionality.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions